The sad truth behind the ePR hack – our health data is to fall into the wrong hands

by Norbert Häring*

(9 January 2025) The author clearly identifies the dangers that have proven to be unavoidable in Germany with the forced digitisation of highly sensitive patient data. The Swiss equivalent of the German “electronic patient record” (ePR), the “electronic patient dossier” (EPD), was based on the principle of “double voluntariness” in 2017: both the patient and the outpatient practitioner were free to open or maintain an EPD. It has been in place in inpatient facilities since 2020. The Swiss national parliament is now discussing whether to make it mandatory for all outpatient healthcare facilities. However, patients are still free to open an EPD – or not.

***

At the “Chaos Computers Club” conference, IT experts revealed they had complete access to all electronic patient records (ePRs) from anywhere. It was clear from the outset that the data would not be secure. The German government was also aware of this. But it certainly intends for our medical data to end up in the hands of data scrapers and pharmaceutical companies anyway.¹

The government is forcing all doctors, therapists and statutory health insurance companies to participate in this system. People with statutory health insurance must actively object to their health insurer if they do not want their electronic patient file to be stored in the cloud, i.e. on the servers of large US IT companies.

It was clear from the outset that this highly sensitive data, which in principle can be accessed by everyone involved in the healthcare system throughout Europe, could not be protected from unauthorised access, even if the government never gets tired claiming otherwise. It is no coincidence that it has exempted private insurers, with whom members of the government and members of parliament are insured, from the ePR obligation.

Those who have gained access here include not only those with major commercial and intelligence interests and the corresponding opportunities. They will inevitably go after the ePR data as soon as it can be accessed by the millions. In a presentation at the CCC Congress, the two successful hackers showed just how many points of attack there are for this. (Link on X.com²).

The dangers of electronic patient records

(15 July 2023) From 2025, health insurance companies are to create an electronic file for every patient who does not expressly object. Guest author Andreas Heyer criticises the idea because he fears data misuse. Examples of this already exist abroad.³

In an article published on 27 December, the CCC thus calls for “an end to ePR experiments on living citizens”.

Even our government in Switzerland, which is committed to forced digitisation, knows and knew this. The sad truth is that this is being condoned, because the data is supposed to end up in the hands of the big data scrapers and pharmaceutical companies anyway. Which way is almost irrelevant. In any case, data protection should not be allowed to stand in the way. That is the declared program.

Digitisation as a gift to the healthcare industry: the government finally says this openly

(1 December 2023) Citizens have no interest in electronic patient records and doctors must also be compelled to digitise the healthcare system. So, whom does it serve? Current quote from Karl Lauterbach on the presentation of the German government’s pharmaceutical strategy: “The pharmaceutical industry needs data”. The “Tagesspiegel” headlines: “Lauterbach plans could bring billions in revenue to the economy.”⁴

Data scrapers should be allowed to train their AI models with ePR data – with reduced data protection

(29 November 2024) At a conference organised by the digital association Bitkom, Health Minister Karl Lauterbach revealed why the government is so committed to digital health and electronic patient records: Because our medical data is incredibly valuable and the big US data scrapers such as Google, Meta and Open AI are keen on it like a male dog on a bitch in heat.⁵

The video “Naked in the health cloud” explains clearly why electronic patient records in the cloud are so dangerous. The video is available on Odysee⁶ and Youtube⁷.

* Norbert Häring, born in 1963, is a German business journalist. He has been an economics editor at Handelsblatt since 2002. He successfully runs his blog norberthaering.de and has also published several books, including one on monetary policy.

Source: https://norberthaering.de/news/dpa-hack/, 29 December 2024

(Translation “Swiss Standpoint”)

1 https://norberthaering.de/news/dpa-hack/

2 https://x.com/BBarucker/status/1873120768860799097?mx=2

3 https://norberthaering.de/news/elektronische-patientenakte/

4 https://norberthaering.de/news/lauterbach-digitalisierung-pharma/

5 https://norberthaering.de/news/epa-daten-und-ki/

6 https://odysee.com/@norberthaering:8/nackt-in-der-gesundheitscloud-wie-unsere:1

7 https://consent.youtube.com/m?continue=https%
3A%2F%2Fwww.youtube.com%2Fchannel%2FUC99JefKKsQBmQ6SgbrdlbXg%3Fcbrd%3D1&gl=CH&m=0&pc=yt&cm=2&hl=de&src=1